According to developer Alex Ionescu, Apple introduced a fix in macOS 10.13.2, with additional tweaks set to be introduced in macOS 10.13.3, currently in beta testing. AppleInsider also says that it has heard from "multiple sources within Apple" that updates made in macOS 10.13.2 have mitigated "most" security concerns associated with the KPTI vulnerability.

Publicized yesterday, the design flaw in Intel chips allows normal user programs to see some of the contents of the protected kernel memory, potentially giving hackers and malicious programs access to sensitive information like passwords, login keys, and more.

Full details on the vulnerability continue to be unavailable and under embargo, so it's not yet clear just how serious it is, but fixing it involves isolating the kernel's memory from user processes using Kernel Page Table Isolation at the OS level. Implementing Kernel Page Table Isolation could cause a performance hit on some machines.

According to The Register, which first shared details on the vulnerability, Windows and Linux machines will see a 5 to 30 percent slowdown once a fix is in place. It appears Macs may not be hit as heavily, as no noticeable performance slowdowns have been reported since the launch of macOS 10.13.2.

Ionescu also says that performance drop on a system with PCID (Process-Context Identifiers), available on most modern Macs, is "minimal," so most users may not see an impact on day-to-day Mac usage.

The testing has just begun - so I'll be posting the results here in about an hour, for anyone interested in how their machines might be affected.

Students have been instructed to take the machines through a variety of real world tests -

So we'll be posting that, as well as the conclusive results provided by our benchmark studies - to hopefully help clear the air and provide a more balanced issuance of the possible affections of data-protected kernel-modeling architecture implications.

What do we make of this really? I think someone should do a comparative test on handbrake or anything that solely uses CPU and only then we can tell the difference between 10.13.2 and any previous versions of macOS

This has nothing to do with CPU utilization. Rather, you will see a performance penalty when an applications makes system calls, such as to files or network access. Essentially it occurs when ring 3 needs to access something at the more privileged ring 0.

Essentially, the vulnerability resides in Intel Processors ability to 'speculate' as to what code needs to be executed next, and execute it in advance so that it is cached and ready for the real execution. The vulnerability allows for the security context of that code execution to escalate from user land (referred to as ring 3) to kernel land (referred to as ring 0). The significance is that the Kernel memory houses sensitive information on the system that, once read, can be leveraged to escalate privileges. Double mapping adds an additional buffer between the kernel and user, which mitigates but doesn't completely solve the vulnerability. That is why additional 'tweaks' are necessary in 10.13.3.

Yes, it was fixed (at least partially, read the full document to have more infos)
on Dec 6th as you can read here
https://support.apple.com/en-us/HT208331

P.s. Sorry it was already posted , I saw it just now
Better two than none:rolleyes:..... I don't know how to delete it this post

There’s no evidence that says 10.11 & 10.12 have been patches. The CVE’s/descriptions in Apple’s patch notes don’t align with the CVE’s/descriptions in Google’s post. Every page I’ve investigated that claims it’s been patched has either pointed to the aforementioned patch notes, or literally say ‘an anonymous source said’...

Furthering my skepticism, back when it occurred, Apple directly stated that they’d addressed the major security flaw known as ‘Shellshock’, so there’s precedent of Apple directly saying ‘this issue’s fixed’.

Granted, Apple may come out and say that patch in question DID mitigate (most of) the Meltdown risk, but I’d be wary of counting your systems as patched until we get a definitive answer.

MacRumors attracts a broad audience
of both consumers and professionals interested in
the latest technologies and products. We also boast an active community focused on
purchasing decisions and technical aspects of the iPhone, iPod, iPad, and Mac platforms.